Security

 View Only
last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

CPPM Posturing related questions

This thread has been viewed 11 times

  • 1.  CPPM Posturing related questions

    Posted Apr 28, 2024 03:00 AM

    Hello guys,

    we are deploying CPPM Posture, and we have some questions, we would like to know the best answers for it, we want to achieve the following via Posturing:

    If (AD User + Domain Joined Machine + Latest OS + Updated Microsoft Defender)

    then assign healthy VLAN.

    if one is not valid,

    then assign Quarantine VLAN.


    DHCP for VLAN (NAC-Quarantine):
    Is DHCP provision necessary for NAC-Quarantine VLAN?
     
    Internet Access for NAC-Quarantine VLAN:
    Should internet access be provided to NAC-Quarantine VLAN?
     
    Mitigation Plan for Non-Compliance:
    What is our mitigation plan for rectifying non-compliant endpoints?
     
    Helpdesk Procedure:
    Could we establish a working procedure for the Helpdesk team to handle non-compliant endpoints?



    ------------------------------
    Eyad Subeh
    ------------------------------


  • 2.  RE: CPPM Posturing related questions

    Posted 30 days ago

    Use OnGuard persistent agent.

    Sequence of authentication:

    1. Machine Auth (RADIUS)
    2. User Auth (RADIUS)
    3. Posture Check (WEBAUTH)
    4. CPPM Send CoA (RADIUS-reverse direction)
    5. User Auth (RADIUS)

    Original Message